<?php
	include('cnx.php');

	$payaltest = false; //cambiar a false para realizar transacciones reales, de lo contrario utiliza sandbox.
	$req = 'cmd=_notify-validate';
	$tabla='paypal_logs'; 
	$fullipnA = array(); 

	foreach ($_POST as $key => $value)
	{
		$fullipnA[$key] = $value;
		$encodedvalue = urlencode(stripslashes($value));
		$req .= "&$key=$encodedvalue";
	}


	$fullipn = Array2Str(" : ", " ", $fullipnA);
	if (!$payaltest) 
	{
		$url ='https://www.paypal.com/cgi-bin/webscr';  
	 
	}else{  
	 
		$url ='https://www.sandbox.paypal.com/cgi-bin/webscr';  
	 
	}
	 
	$curl_result=$curl_err='';
	$fp = curl_init();
	curl_setopt($fp, CURLOPT_URL,$url);
	curl_setopt($fp, CURLOPT_RETURNTRANSFER,1);
	curl_setopt($fp, CURLOPT_POST, 1);
	curl_setopt($fp, CURLOPT_POSTFIELDS, $req);
	curl_setopt($fp, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", "Content-Length: " . strlen($req)));
	curl_setopt($fp, CURLOPT_HEADER , 0); 
	curl_setopt($fp, CURLOPT_VERBOSE, 1);
	curl_setopt($fp, CURLOPT_SSL_VERIFYPEER, FALSE);
	curl_setopt($fp, CURLOPT_TIMEOUT, 30);
	 
	$response = curl_exec($fp);
	$curl_err = curl_error($fp);
	curl_close($fp);

	// Variables enviadas por Paypal
	$item_name = $_POST['item_name'];
	$item_number = $_POST['item_number'];
	$payment_status = $_POST['payment_status'];
	$payment_amount = $_POST['mc_gross'];
	$payment_currency = $_POST['mc_currency'];
	$txn_id = $_POST['txn_id'];
	$receiver_email = $_POST['receiver_email'];
	$payer_email = $_POST['payer_email'];
	$txn_type = $_POST['txn_type'];
	$pending_reason = $_POST['pending_reason'];
	$payment_type = $_POST['payment_type'];
	$custom_key = $_POST['custom'];
	 

	if (strcmp ($response, "VERIFIED") == 0)        
	{
		if ($payment_status != "Completed")
		{
			TransLog("El pago no fue aceptado por paypal - Estado del Pago: $payment_status");
			StopProcess();
		}
		   
	}else{ 

		/******BD******/
			$tabla='paypal_logs';

			$estado_pago = $_POST["payment_status"];
			$tipo_pago = $_POST["payment_type"];
			$email_comprador = $_POST["payer_email"];
			$nombre_comprador = $_POST["first_name"]." ".$_POST["last_name"];;
			$id_comprador = $_POST["payer_id"];
			$email_vendedor = $_POST["business"];
			$id_producto = $_POST["item_number"];
			$id_transaccion = $_POST["txn_id"];
			$nombre_producto = $_POST["item_name"];
			$cantidad_producto = $_POST["quantity"];
			$costo_producto = $_POST["mc_gross"];
			$fecha = $_POST["payment_date"];
			

			$sql = "INSERT INTO $tabla 
			(estado_pago,
			tipo_pago,
			email_comprador,
			nombre_comprador,
			id_comprador,
			email_vendedor,
			id_producto,
			id_transaccion,
			nombre_producto,
			cantidad_producto,
			costo_producto,
			fecha) 
			VALUES 
			('$estado_pago',
			'$tipo_pago',        
			'$email_comprador',
			'$nombre_comprador',
			'$id_comprador',
			'$email_vendedor',
			'$id_producto',
			'$id_transaccion',
			'$nombre_producto',
			'$cantidad_producto',
			'$costo_producto',
			'$fecha')";  
			mysql_query($sql); 

	}
	

	function notify_webmaster($message)
	{
		$subject="Nueva Compra";
		$remite="mail@mail.com";
		$remitente="paypal";
	 
		$header .="MIME-Version: 1.0\n"; 
		$header .= "Content-type: text/html; charset=iso-8859-1\n"; 
		$header .="From: ".$remitente."<".$remite.">\n";
		$header .="Return-path: ". $remite."\n";
		$header .="X-Mailer: PHP/". phpversion()."\n";

	   mail("kalorojas1@hotmail.com", $subject, $message, $header);
	}
	
	function TransLog($message)
	{   
		notify_webmaster($message); 
	 
	}

	function Array2Str($kvsep, $entrysep, $a)
	{
		$str = "";
		foreach ($a as $k=>$v)
		{
			$str .= "{$k}{$kvsep}{$v}{$entrysep}";
		}
		return $str;
	}

	function StopProcess()
	{
		exit;
	}


?>
